Norfolk State University Socio-CybersecurityNorfolk State University Socio-Cybersecurity
    • HOME
      • Project Team
      • Faculty Publications
      • Student Testimonials
      • Faculty Associates
      • Module Videos: How to Use
    • About Us
    • Courses
      • American Court System
      • Elementary Social Statistics
      • Intro to Criminal Justice
      • Research Methods
      • Social Organizational Theory
      • Social Problems
    • COURSE: SOC 401
    • Contact
    • HOME
      • Project Team
      • Faculty Publications
      • Student Testimonials
      • Faculty Associates
      • Module Videos: How to Use
    • About Us
    • Courses
      • American Court System
      • Elementary Social Statistics
      • Intro to Criminal Justice
      • Research Methods
      • Social Organizational Theory
      • Social Problems
    • COURSE: SOC 401
    • Contact
    Register Login

    Cybersecurity Principles

    • Home
    • Modules
    • Social Problems
    • Eliciting Targets
    • Cybersecurity Principles

    During the reconnaissance phase, the attacker finds out the information she needs to actually get in: what traffic the firewall lets through, what hosts are in the network, what services they actually have running, etc.

    Passive Reconnaissance refers to gathering information, often indirectly, in a manner unlikely to alert the subject of the surveillance. This is the natural start of any reconnaissance because, once alerted, a target will likely react by drastically increasing security in anticipation of an attack. This is like casing a place prior to robbing it.

    Active Reconnaissance refers to gathering information while interacting with the subject directly, in a way that usually can be discovered. While passive reconnaissance is like casing a place, active reconnaissance would be actually trying to open doors and windows to see which ones are unlocked.

    Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.

    References

    • Cooper, Joel. 2006.”The digital divide: The special case of gender” Journal of Computer Assisted Learning 22: 320-334.
    • Federal Bureau of Investigation. 2017. “Internet Crime Report.” Retrieved from https://pdf.ic3.gov/2017_IC3Report.pdf.
    • Jethwani, Monique M., Nasir Memon, Won Sep, and Ariel Richer, A. 2017. “’I Can Actually Be a Super Sleuth’: Promising Practices for Engaging Adolescent Girls in Cybersecurity Education” Journal of Educational Computing Research 55(1): 3-25. Retrieved from https://doi.org/10.1177/0735633116651971.
    • U.S. Department of Labor. 2014. “Computer and information technology occupations.” Retrieved from http://www.dol.gov/wb/stats/Computer_information_technology_2014.htm.

    Search

    Department of Sociology
    Norfolk State University
    700 Park Avenue,
    Norfolk,
    Virginia 23504
    USA
    Tel: 757-823-8436

    This Project is funded by the National Science Foundation

    © 2019. NSU Socio-Cybersecurity Project. All Rights Reserved